Description
The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_contact_attribute_import function in all versions up to, and including, 1.18.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Published: 2025-11-08
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Authenticated Arbitrary File Upload with potential for Remote Code Execution
Action: Patch
AI Analysis

Impact

The Mail Mint WordPress plugin is vulnerable because the process_contact_attribute_import function does not validate the type of files that an authenticated user, specifically those with Administrator-level privileges or higher, can upload. This omission allows an attacker to upload any file to the site’s server, potentially introducing executable code. The weakness is covered by CWE‑434 and can lead to remote code execution if the attacker forges a malicious script or executable.

Affected Systems

The vulnerability exists in all versions of the Mail Mint plugin—developed by getwpfunnels—up to and including 1.18.10. Administrators or users with similar or higher privileges running the plugin under any WordPress installation are susceptible.

Risk and Exploitability

The CVSS score of 7.2 indicates a high level of severity. The EPSS score is reported as less than 1 %, suggesting that, while the vulnerability is serious, the probability that it will be actively exploited in the near term is low. Because exploitation requires authenticated access, attackers need to compromise an administrator account or use another admin‑level account, which mitigates the risk compared to a publicly exploitable flaw. The flaw is not listed in the CISA KEV catalog. The most probable attack vector is an administrator legitimately logged into the WordPress dashboard who performs the contact attribute import action.

Generated by OpenCVE AI on April 22, 2026 at 00:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Mail Mint plugin to version 1.18.11 or higher to apply the fixed file‑type validation logic.
  • If an upgrade cannot be performed immediately, limit the use of the Import feature to only a small, trusted subset of administrators, and consider revoking unused editor or administrator accounts.
  • Implement a web‑application firewall rule that blocks or scans file uploads to the plugin’s import endpoint, rejecting files that are not plain text or expected data formats.
  • If feasible, relocate or clean up the upload directory after confirming uploads, and set directory permissions so that files cannot be executed by the web server.

Generated by OpenCVE AI on April 22, 2026 at 00:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 10 Nov 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 10 Nov 2025 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Getwpfunnels
Getwpfunnels mail Mint
Wordpress
Wordpress wordpress
Vendors & Products Getwpfunnels
Getwpfunnels mail Mint
Wordpress
Wordpress wordpress

Sat, 08 Nov 2025 09:30:00 +0000

Type Values Removed Values Added
Description The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_contact_attribute_import function in all versions up to, and including, 1.18.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Title Mail Mint <= 1.18.10 - Authenticated (Admin+) Arbitrary File Upload
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Getwpfunnels Mail Mint
Wordpress Wordpress
cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T17:24:41.225Z

Reserved: 2025-10-20T15:11:14.944Z

Link: CVE-2025-11967

cve-icon Vulnrichment

Updated: 2025-11-10T14:08:06.155Z

cve-icon NVD

Status : Deferred

Published: 2025-11-08T10:15:40.643

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-11967

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T00:45:04Z

Weaknesses